Cussins Enterprises LLC

Technology is a paint brush on the canvas of life. 
What can we paint for you?

Cybersecurity News

Awareness of what is happening is the 1st to a secure system.

Threat Post

Firewall Bug Under Active Attack Triggers CISA Warning

On August 23, 2022Source: Web Security – ThreatpostBy Threatpost
Categories: Vulnerabilities, Web Security

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.Read more

Fake Reservation Links Prey on Weary Travelers

On August 22, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Malware, Web Security

Fake travel reservations are exacting more pain from the travel weary, already dealing with the miseRead more

Google Patches Chrome’s Fifth Zero-Day of the Year

On August 18, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security, Google Chrome, zero-day vulnerabilities

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbRead more

Phishers Swim Around 2FA in Coinbase Account Heists

On August 8, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Web Security

Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so theRead more

Open Redirect Flaw Snags Amex, Snapchat User Data

On August 5, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Vulnerabilities, Web Security

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among otRead more

Universities Put Email Users at Cyber Risk

On August 2, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protRead more

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

On July 28, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwaRead more

IoT Botnets Fuel DDoS Attacks – Are You Prepared?

On July 26, 2022Source: Web Security – ThreatpostBy Sponsored Content
Categories: Sponsored, Vulnerabilities, Web Security, indusface

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifiesRead more

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

On July 20, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuRead more

Authentication Risks Discovered in Okta Platform

On July 19, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Privacy, Web Security

Four newly discovered attack paths could lead to PII exposure, account takeover, even organizationalRead more

Beeping Computer

https://www.bleepingcomputer.com/feed/ is invalid XML, likely due to invalid characters. XML error: XML_ERR_NAME_REQUIRED at line 1, column 5377

Motherboard

Scientists Claim AI Breakthrough to Generate Boundless Clean Fusion Energy

On February 21, 2024Source: VICE US - MotherboardBy Mirjam Guesgen
Categories: Science, nuclear fusion, AI, Abstract

Princeton researchers report that a new AI model has solved one of the major roadblocks to generatinRead more

How Starship Troopers’ Psychic Subplot Explains Its Divisive Message

On February 20, 2024Source: VICE US - MotherboardBy Jordan Pearson
Categories: Opinion, starship troopers, helldivers 2, Paul Verhoeven

The internet is warring over Paul Verhoeven’s subversive 1997 sci-fi blockbuster, and one puzzling eRead more

First Prison Photo of Sam Bankman-Fried Emerges: Bearded, Thin, and ‘Weird as Shit’

On February 20, 2024Source: VICE US - MotherboardBy Maxwell Strachan
Categories: S.B.F., sam bankman-fried, ftx, alameda research, crypto

Independent crypto journalist Tiffany Fong obtained the photo of the former FTX CEO from a former inRead more

X Suspends, Then Reinstates, Alexei Navalny’s Widow After Pledge to Continue Anti-Putin Politician’s Work

On February 20, 2024Source: VICE US - MotherboardBy Jordan Pearson
Categories: Tech news, Navalny, X, Twitter, Musk, Putin, Alexei Navalny, Yulia Navalnaya

Yulia Navalnaya pledged to continue her late husband’s work to unseat Vladimir Putin in videos shareRead more

Life in a ‘Death Trap’: How Tenants Rose Up Against a Federally Funded Mega-Landlord

On February 20, 2024Source: VICE US - MotherboardBy Roshan Abraham
Categories: housing, HUD, apartments, rentals, section 8

Years of living with rats, snakes, and rotted floorboards has led a group of tenants across the counRead more

Data Breeches

Too Speculative’: US Judge Throws Out Data Breach Suit Against Ally Financial

On March 27, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Exposure, Financial Sector, U.S.

Jane Wester reports: U.S. District Judge Nelson Román of the Southern District of New York on MondayRead more

Utah Enacts Amendments to State Breach Notification Law

On March 27, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Breach Laws, Legislation, Of Note, State/Local, U.S.

Hunton Andrews Kurth writes: On March 19, 2024, Utah’s Governor Spencer J. Cox signed Senate Bill (SRead more

System Status Note

On March 26, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Uncategorized

The RSS feed should be working again for those who are already subscribed to it or would like to subRead more

Treasury Sanctions China-Linked Hackers for Targeting U.S. Critical Infrastructure

On March 26, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Federal, Hack, Legislation, Of Note, U.S., APT 31, critical infrastructure, OFAC

WASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioRead more

Major credit bureau slapped with enforcement notice for data breach in South Africa

On March 26, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Business Sector, Hack, Non-U.S.

Jan Vermeulen reports: The Information Regulator has slapped credit bureau TransUnion with an enforcRead more

System Status Note

On March 23, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Uncategorized

On March 8, DataBreaches experienced a massive DDoS attack. At the time, I thought all posts had beeRead more

Commonwealth Healthcare Corporation breached, patient data involved

On March 23, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Blog, Hack, Health Data, HIPAA, U.S.

A new leaksite appeared this past week that appears to have been created for one particular incidentRead more

OK: Emergency Medical Services Authority notifies patients of hacking incident

On March 23, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Hack, Health Data, U.S.

Terré Gables of KFOR reports: Emergency Medical Services Authority (“EMSA”) says, it has identifiedRead more

American Renal Associates patients affected by ransomware attack

On March 22, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Health Data, Malware, U.S., American Renal Associates, Innovative Renal Care, ransomware

Marco A. De Felice reports: The American Renal Associates (now known as Innovative Renal Care), withRead more

Nissan Oceania Data Breach Impacts 100,000 Individuals in Australia and New Zealand

On March 22, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Business Sector, Malware, Non-U.S.

Alicia Hope reports: Nissan Oceania is notifying 100,000 individuals that the December 2023 data breRead more

Cyberscoop

CISA releases draft rule for cyber incident reporting

On March 27, 2024Source: CyberScoopBy Christian Vasquez
Categories: Government, Policy, critical infrastructure, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS), incident reporting, Jen Easterly

The proposal describes when critical infrastructure organizations will be required to report cyberseRead more

Treasury report calls out cyber risks to financial sector fueled by AI

On March 27, 2024Source: CyberScoopBy mbracken
Categories: AI, Cybersecurity, Artificial Intelligence (AI), National Institute of Standards and Technology (NIST), Treasury Department

The new report sounds the alarm on AI-specific cyber risks while highlighting best practices to combRead more

Spyware and zero-day exploits increasingly go hand-in-hand, researchers find

On March 27, 2024Source: CyberScoopBy eliasgroll
Categories: Cybersecurity, Privacy, Technology, Google, Mandiant, spyware, vulnerabilities

Researchers found 97 zero-days exploited in the wild in 2023; nearly two thirds of mobile and browseRead more

Chinese hackers target family members to surveil hard targets

On March 26, 2024Source: CyberScoopBy eliasgroll
Categories: Cybersecurity, Geopolitics, APT31, China, Department of Justice (DOJ), hacking, Ministry of State Security, surveillance

To surveil security conscious politicians and dissidents, hackers linked to Beijing are increasinglyRead more

US and UK accuse China of cyber operations targeting domestic politics

On March 25, 2024Source: CyberScoopBy AJ Vicens
Categories: Geopolitics, China, Treasury Department, sanctions, APT31, Department of Justice (DOJ), cyber espionage, Ministry of State Security

Officials in Washington and London say hackers backed by the Chinese state sought to silence dissideRead more

US must establish independent military cyber service to fix ‘alarming’ problems — report

On March 25, 2024Source: CyberScoopBy Billy Mitchell
Categories: Government, Uncategorized

A new report from the Foundation for Defense of Democracies aims to make the case for the creation oRead more

Top Democrat proposes minimum cybersecurity standards in wake of Change Healthcare attack

On March 22, 2024Source: CyberScoopBy AJ Vicens
Categories: Government, Ransomware, Change Healthcare, Ron Wyden, Sen. Mark Warner, UnitedHealth Group

The new legislation from Sen. Mark Warner comes as health care groups say they would oppose such proRead more

German political party targeted by SVR-linked group in spearphishing campaign, Mandiant says

On March 22, 2024Source: CyberScoopBy djohnson
Categories: Geopolitics, Government, malware, Russia, Cozy Bear, germany, spearphishing, Mandiant, SVR

The group may have been seeking insights on shifting European sentiments on Ukraine, threat analystsRead more

House-passed data privacy bill doesn’t thrill privacy groups

On March 21, 2024Source: CyberScoopBy Tim Starks
Categories: Government, Privacy, Center for Democracy & Technology, Privacy legislation, privacy law, TikTok, data brokers, Executive order, House Energy and Commerce Committee, China, Congress, Russia, Section 702, privacy

A measure to address the sale of Americans’ data doesn’t go far enough to rein in the data broker inRead more

Russian military intelligence may have deployed wiper against multiple Ukrainian ISPs

On March 21, 2024Source: CyberScoopBy AJ Vicens
Categories: Geopolitics, AcidPour, AcidRain, Russia, Ukraine, wiper malware

A group known as Solntsepek claimed credit for attacks on the ISPs Triacom, Misto TV, Linktelecom anRead more

Krebs On Security

The Hacker News

Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPs

On March 28, 2024Source: The Hacker NewsBy

In June 2017, a study of more than 3,000 Massachusetts Institute of Technology (MIT) studeRead more

In June 2017, a study of more than 3,000 Massachusetts Institute of Technology (MIT) students published by the National Bureau for Economic Research (NBER) found that 98% of them were willing to give away their friends' email addresses in exchange for free pizza. "Whereas people say they care about privacy, they are willing to relinquish private data quite easily when

Hackers Hit Indian Defense, Energy Sectors with Malware Posing as Air Force Invite

On March 27, 2024Source: The Hacker NewsBy

Indian government entities and energy companies have been targeted by unknown threat actors with anRead more

Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called HackBrowserData and exfiltrate sensitive information in some cases by using Slack as command-and-control (C2). "The information stealer was delivered via a phishing email, masquerading as an invitation letter

CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability

On March 27, 2024Source: The Hacker NewsBy

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flawRead more

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting Microsoft Sharepoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with Site

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions

On March 27, 2024Source: The Hacker NewsBy

A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbiRead more

A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions.  "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user's knowledge," Guardio

SASE Solutions Fall Short Without Enterprise Browser Extensions, New Report Reveals

On March 27, 2024Source: The Hacker NewsBy

As SaaS applications dominate the business landscape, organizations need optimized network speed andRead more

As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have been turning to SASE, a product category that offers cloud-based network protection while enhancing network infrastructure performance. However, a new report: "Better Together: SASE and Enterprise Browser Extension for the SaaS-First Enterprise" (

Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining

On March 27, 2024Source: The Hacker NewsBy

Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unRead more

Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining. "This vulnerability allows attackers to take over the companies' computing power and leak sensitive data," Oligo Security researchers Avi

Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice

On March 27, 2024Source: The Hacker NewsBy

A new phishing campaign has been observed leveraging a novel loader malware to deliver an informatioRead more

A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a bank payment notification, urging the user to open an archive file attachment. The archive ("Bank Handlowy w Warszawie

Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries

On March 27, 2024Source: The Hacker NewsBy

Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and mRead more

Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a cyber espionage campaign over the past three months. This includes the threat actor known as Mustang Panda, which has been recently linked to cyber attacks against Myanmar as well as

Sketchy NuGet Package Likely Linked to Industrial Espionage Targets Developers

On March 26, 2024Source: The Hacker NewsBy

Threat hunters have identified a suspicious package in the NuGet package manager that's liRead more

Threat hunters have identified a suspicious package in the NuGet package manager that's likely designed to target developers working with tools made by a Chinese firm that specializes in industrial- and digital equipment manufacturing. The package in question is SqzrFramework480, which ReversingLabs said was first published on January 24, 2024. It has been downloaded 

U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation

On March 26, 2024Source: The Hacker NewsBy

The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationalsRead more

The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years. The defendants include Ni Gaobin (倪高彬), Weng Ming (翁明), Cheng Feng (程锋), Peng Yaowen (彭耀文), Sun Xiaohui (孙小辉), Xiong Wang (熊旺), and Zhao Guangzong (

How Can We Help?

11 + 4 =

Share This